On January 1, 2019, parts of the South Carolina Insurance Data Security Act (SCIDSA) became effective. Over the next 17 months, other key parts of the SCIDSA will be phased in until the act is fully in effect on July1, 2020.
Let’s review who the SCIDSA applies to and what requirements are active now and when the other requirements will be phased in.
One of the amazing questions I received this week was about layered security. “What does that look like Micheal?” This week I’ll break down common ways for small businesses to implement multiple levels of security into their business networks to stop the cyber bad guys.
A HIPAA compliance program looks different from one organization to the next, depending on their specific needs. Although varied, each program goes through a similar cycle that I will outline in this week’s blog. Keep in mind, the cycle typically repeats on a yearly schedule as mandated by HIPAA.
The assumed answer is HIPAA. To clarify, HIPAA is an act and not a governing body of any sort. HIPAA’s rules and regulations are enforced by the U.S. Department of Health & Human Services (HHS) and their Office for Civil Rights (OCR). Besides Attorney Generals, other entities cannot enforce HIPAA, it acts as a standard for the healthcare industry and is used as a measuring stick for due diligence.
Today, the South Carolina Department of Insurance released Bulletin 2018-09 Cybersecurity Event Reporting Form. Why should you read it? This bulletin focuses on how the Department of Insurance defines a reportable cybersecurity event and the notification procedures. The three main take aways from the bulletin are:
Follow this link to view the latest bulletin from the DOI. For your convenience we have attached both the bulletin and the updated event report form below. You may also want to review previous blogs about the IDSA and how you too can sign up for IDSA update notices from the DOI.
If you have any questions on SC Insurance Data Security Act compliance, Call Tandem Cyber Solutions today!